The Floodgate TPM Library provides the device-side software to streamline TPM usage and key storage, while the Floodgate CA Server allows management of PKI certificates after the device is deployed.Floodgate TPM Library and the Floodgate PKI Client enable OEMs to develop and deploy secure embedded connected devices with relative ease.
The Floodgate Factory CA Server enables key management and certificate signing during manufacturing. Sectigo provides a complete certificate management solution starting with secure certificate creation & insertion at the customer´s factory using the OPTIGA™ TPM for private key storage. Remote device health attestation supported by Infineon´s OPTIGA™ TPM – watch the video now Glossary
To facilitate use and integration for device and system manufacturers, Infineon has created a Github repository with documents as well as demonstrator source code. End users benefit from increased security for their sensitive data while still enjoying the same or an even better user experience. OPTIGA TM TPM also gives device and system manufacturers an opportunity to access new markets requiring new – and differentiating – levels of security. The PCR values are signed with a private Attestation Identity Key (AIK) to reduce the risk of forgery.įor service providers, this means that their services are stable and reliable, and that devices in their network have been checked for manipulation. The attestation server polls a platform at set intervals, verifying either that the PCRs in the OPTIGA TM TPM have not changed or that the new PCR values are trustworthy. The PCR is protected against being rolled back to a previous value. The measurements can then be retrieved by a remote attestation server to determine the configuration of the device at the time it was booted as well as during runtime. When devices start up, the software and firmware are measured by the Linux Integrity Measurement Architecture (IMA) and the results are stored in the OPTIGA TM TPM Platform Configuration Registers (PCRs). The system notifies the user if it does detect changes, e.g. A Trusted Platform Module (TPM) is a specialized chip on a laptop or desktop computer that is designed to secure hardware with integrated cryptographic keys. The TPM provides a secured identity and storage space for system control mechanisms that may check whether hardware and software are still running as intended. By the time most users realize they have suffered a data breach, they have actually been under attack for weeks, months, or even years.Ī system health check supported by Infineon’s OPTIGA TM TPM lets users check that their devices have not been manipulated. Once malware is on a device, it may remain there undetected for long periods as it often works undetected in the background. Worst still, cyber threats have become so sophisticated that conventional defense-in-depth cybersecurity measures may even fail to detect them. Today, network equipment and IoT devices face a constant barrage of attacks aimed at exposing vulnerabilities in software and firmware.
0 kommentar(er)
